Unable to set up Nextcloud on Nginx

BrejSki · January 23, 2022, 9:56pm

Nextcloud version : 23.0.0
Operating system and version : Alma Linux 8.5
Apache or nginx version : Nginx 1.21.5
PHP version: PHP 8.0.15

The issue you are facing:
I have a problem with setting up Nextcloud on Nginx Linux server. I all the time get “Internal Server Error” and I ran out of ideas what happens here.
I am trying to use MariaDB.
This is something with privileges but in php-fpm.d/www.conf:
user = nginx group = nginx

Whole Nextcloud is installed in /var/www/html and privileges are:
drwxr-xr-x. 15 nginx nginx 4096 01-23 22:41 html (chown -R nginx:nginx html/; chmod -R 755 html/). I don’t know where the problem can be right now.

Is this the first time you’ve seen this error? : Yes

The output of your Nextcloud log in Admin > Logging:

none as I cannot get into it, because Nextcloud does not install

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

Config has not been generated - there is only example config

The output of your Apache/nginx/system log in /var/log/nginx/error.log:

2022/01/23 22:42:53 [error] 3954#0: *6 FastCGI sent in stderr: "uDQkAI4HY7GT3fS","level":3,"time":"2022-01-23T21:42:53+00:00","remoteAddr":"85.221.132.60","user":"--","app":"index","method":"GET","url":"/index.php","message":"Failed to connect to the database: An exception occurred in the driver: SQLSTATE[HY000] [14] unable to open database file","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36","version":"","exception":{"Exception":"Doctrine\\DBAL\\Exception","Message":"Failed to connect to the database: An exception occurred in the driver: SQLSTATE[HY000] [14] unable to open database file","Code":14,"Trace":[{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1519,"function":"connect","class":"OC\\DB\\Connection","type":"->"},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1041,"function":"getWrappedConnection","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/lib/private/DB/Connection...PHP message: {"reqId":"8zm3euDQkAI4HY7GT3fS","level":3,"time":"2022-01-23T21:42:53+00:00","remoteAddr":"85.221.132.60","user":"--","app":"PHP","method":"GET","url":"/index.php","message":"chmod(): Permission denied at /var/www/html/lib/private/Log/File.php#86","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36","version":""}" while reading response header from upstream, client: 85.221.132.60, server: cloud.stelmaszyk.dev, request: "GET /index.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "cloud.domain.com"

BrejSki · January 24, 2022, 10:15am

I found a pseudo-solution for it, but it is not suitable for production environment. Problem was caused by SELinux which is preventing Nginx from writing via PHP-FPM.
Steps I did:

First, I installed Nextcloud via occ command:
sudo -u nginx php occ maintenance:install --database "mysql" --database-name "ncdb" --database-user "adm" --database-pass "sqlpass" --admin-user "admin" --admin-pass "mypass"

Then I found issue with writing to config directory and after further investigation I found it’s related to SELinu.

For test, I temporarily disabled SELinux by setenforce 0 - after that it worked - that was the signal for me, that something is wrong in SELinux config, so I tried to set some SELinux flags:
I allowed HTTPD to connect to the network:
setsebool -P httpd_can_network_connect on

Also, because one error was about Database, I enabled another flag:
setsebool -P httpd_can_network_connect_db on

After that I changed SELinux to Enforcing mode back again

Unfortunately it didn’t work…

For now, I gave up because of no time for work on it and I edited /etc/selinux/config file and changed selinux setting to permissive to make it permanent, but I am not satisfied.

Guys, which flag should be enabled to let Nginx work with PHP-FPM correctly? I ran out of ideas.

devnull · January 24, 2022, 2:48pm

I think it is not a good idea to use “AlmaLinux”. Why do you not use a standard linux version e.g. Debian, Ubuntu or CentOS.

For Nginx settings read parts of this.

bb77 · January 26, 2022, 7:12am

Hi @BrejSki

I don’t use SELinux myself… But maybe this can give you some hints… https://docs.nextcloud.com/server/stable/admin_manual/installation/selinux_configuration.html

@devnull Since Red Hat has terminated CentOS development, and they only continue developement of CentOS Stream, CentOS is no longer an option if you want to use a distribution, which is 1:1 binary compatible with RHEL. AlmaLinux, RockyLinux and others jumped in, in order to fill the gap.